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DETAILED ACTION 
Specification 

1 . The disclosure is objected to because of the following informalities: 

• On page 14, line 11, (l DOMAIN(1)" should be -DOMAIN(2) -. 
Appropriate correction is required. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 1-35 are rejected under 35 U.S.C. 102(e) as being anticipated by Bruno 
et al. (U.S. Patent No. 6,604,123). 

Regarding claim 1 , Bruno et al. teaches a system to facilitate substantially secure 
communication of data from a user-level process, comprising: 

• At least a first queue associated with the process, such that the process is 
operative to directly communicate a message relative to the first queue (fig. 3, 
ref. num 318); and 
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• A first communication context operative to communicate the message between 
the first queue and a second communication context (fig. 3, ref. num 506); 

• Wherein communication between the first queue and the first communications 
context is controlled based on whether an appropriate association exists between 
the first queue and the first communications context, the association between the 
first queue and the first communications context being provided through a 
privileged operation not adjustable by the first process (col. 8, lines 3-13). 

Regarding claim 2 , Bruno et al. teaches wherein the first queue and the first 
communication context reside at a first node that is different from that of the second 
communication context (fig. 3, ref. num 312 different from 314). 

Regarding claim 3 , Bruno et al. teaches further comprising an interface at the first 
node operative to validate messages communicated from the first queue to the first 
communication context (col. 7, lines 23-27). 

Regarding claim 4 , Bruno et al. teaches wherein the interface is operative to 
prevent messages from being communicated from the first queue to the first 
communication context if an association mismatch exists between the first queue and 
the first communication context (col. 7, lines 23-27). 
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Regarding claim 5 , Bruno et al. teaches wherein the appropriate association 
between the first queue and the first communication context requires membership to a 
common domain (col. 7, lines 27-54). 

Regarding claim 6 , Bruno et al. teaches further comprising a second queue 
associated with a second process at the first node, such that the second process is 
operative to directly communicate a message to the second queue (fig. 1, ref. num 116 
and 120, a first and second queue, respectively). 

Regarding claim 7 , Bruno et al. teaches wherein the second queue is associated 
with the common domain through a privileged operation, such that the first and second 
queues can share the first communication context to communicate messages through a 
channel defined by the first communication context and the second communication 
context, each of the first and second queues being operative to communicate messages 
with at least one process at a node where the second communication context resides 
(fig. 3, ref. num 312 and 314 can both communicate to 318, which is in a privileged 
mode). 

Regarding claim 8 , Bruno et al. teaches wherein the first process further 
comprises a process operating in a user mode and the second process comprises a 
process operating in a user mode (fig. 3, ref. num 502 and 506, a first and second 
process). 
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Regarding claim 9 , Bruno et al. teaches further including a third communication 
context associated with the second queue through a privileged operation at the first 
node, the third communication context enabling communication between the third 
communication context and a fourth communication context that resides a node 
different from the first node (fig. 3, ref. num 316 is a privileged operation between 312 
and 314, which communicates to 308). 

Regarding claim 10 , Bruno et al. teaches wherein the common domain is a first 
domain, the association between the second queue and the third communication 
context corresponding to a second domain that is different from the first domain, 
wherein each communication channel established in the second domain is isolated from 
each channel established in the first domain (fig. 1, ref. num 116 and 120, each channel 
is isolated). 

Regarding claim 11 , Bruno et al. teaches wherein the first queue and the first 
communication context reside at a first node that is different from a second node at 
which the second communication context resides, the system further comprising a third 
communication context at the first node to enable communication of messages between 
the third communication context and a fourth communication context that resides at a 
third node that is different from the first node (fig. 3, ref. num 312 communicates with 
314 separately than 312 communicates with 308). 
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Regarding claim 12 , Bruno et al. teaches wherein the first queue is associated 
with the third communication context through a privileged operation, such that the first 
process is operative to communicate the message over a communication channel 
established between the third communication context and a fourth communication 
context that resides at the third node, which is different from the second node (fig. 3, ref. 
num 318 resides in the privileged mode, controlling operations between 312, 314, and 
310). 

Regarding claim 13 , Bruno et al. teaches wherein the first queue and the first 
communication context are associated so as to be part of a first domain, the system 
further comprising a second queue is associated with a second process, the second 
queue being associated with a third communication context so as to be part of second 
domain that is isolated relative to the first domain (fig. 3, ref. num 312 and 308). 

Regarding claim 14 , Bruno et al. teaches a system to facilitate communication of 
data, comprising: 

• A virtual hardware component at a first node operable to communicate a 
message received directly from an associated process (fig. 3, ref. num 318); and 

• A first channel endpoint established at the first node, the first channel endpoint 
being operative to communicate messages to a second channel endpoint 
residing at a second node (fig. 3, ref. num 602); 

• Wherein each of the virtual component and the first channel endpoint is 
associated with a respective domain through a privileged operation at the first 
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node, communication of messages between the virtual component and the first 
channel endpoint being controlled based on validation of the respective domains 
for the virtual component and the first channel endpoint (col. 8, lines 3-13). 

Regarding claim 15 , Bruno et al. teaches wherein hardware at the first node is 
operative to prevent messages from being sent between the virtual component and the 
first channel endpoint in response to detecting an invalid association between the virtual 
component and the first channel endpoint (col. 7, lines 23-27). 

Regarding claim 16 , Bruno et al. teaches wherein the virtual component is a first 
virtual component, the system further comprising a second virtual hardware component 
operative to communicate a message directly with an associated process at the first 
node (col. 7, lines 23-54). 

Regarding claim 17 , Bruno et al. teaches wherein the second virtual hardware 
component and the first virtual hardware component are members of a common 
domain, domain membership being assigned through a privileged operation not 
adjustable by the first or second process, wherein the first and second virtual 
components are operative to share the first channel endpoint of the first node, such that 
each of the first and second processes can communicate messages with at least one 
process at the second node (fig. 3, ref. num 316). 
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Regarding claim 18 , Bruno et al. teaches further including a third channel 
endpoint at the first node, the third channel endpoint being operative to communicate 
messages with a fourth channel endpoint that resides at a node different from the first 
node (fig. 3, ref. num 504 or 512). 

Regarding claim 19 , Bruno et al. teaches wherein the virtual component is a first 
virtual hardware component, the system further comprising a second virtual hardware 
component at the first node that is associated with the third channel endpoint through a 
privileged operation at the first node (fig. 1 , ref. num 1 16 and 120 communicates with 
the other protected domains). 

Regarding claim 20 , Bruno et al. teaches wherein each of the first and third 
channel endpoints belongs to different domains, such that each communication channel 
established between associated channel endpoints in one of the domains is isolated 
from each communication channel established between associated channel endpoints 
in each other of the domains (fig. 1, ref. num 114 and 118 are different domains). 

Regarding claim 21 , Bruno et al. teaches wherein each of the first and third 
channel endpoints belongs to a common domain, such that each of the first and second 
processes at the first node is operative to share first and third channel endpoints to 
respectively communicate a message with at least one process at the second and third 
nodes based on data in the respective message (fig. 1, ref. num 116 and 120 are same 
domains). 
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Regarding claim 22 , Bruno et al. teaches a system to facilitate communication of 
data, comprising: 

• Storage means for receiving a message provided directly from a user-level 
process (fig. 3, ref. num 318); 

• Communication means associated with the storage means for, upon validation of 
a domain association between the storage means and the communication 
means, sending the stored request to a corresponding communication means at 
another node in the system (fig. 3, ref. num 602); and 

• Validation means for validating the association between the storage means and 
the communication means, the storage means and the communication means 
being associated in a privileged operation not adjustable by user-level processes 
(col. 8, lines 3-13). 

Regarding claim 23 t Bruno et al. teaches a system to facilitate communication of 
data, comprising: 

• Virtual storage means at a first node for storing a message for direct 
communication relative to a user-level process (fig. 3, ref. num 318); 

• Endpoint communication means at the first node for means for, upon determining 
a common domain membership for the storage means and the endpoint 
communication means, enabling communication between the virtual storage 
means and the endpoint communication means (fig. 3, ref. num 602); and 
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• Control means for independently controlling domain membership for each of the 
virtual storage means and the endpoint communication means (col. 8, lines 3- 
13). 

Regarding claim 24 , Bruno et al. teaches wherein the endpoint communication 
means further includes means for preventing communication of messages between the 
virtual storage means and the endpoint communication means in the absence of a 
common domain membership among virtual storage means and the endpoint 
communication means (col. 7, lines 23-54). 

Regarding claim 25 , Bruno et al. teaches wherein the endpoint communication 
means further includes means for permitting communication of messages between the 
virtual storage means and the endpoint communication means when common domain 
membership exists among virtual storage means and the endpoint communication 
means (col. 7, lines 23-54). 

Regarding claim 26 , Bruno et al. teaches a computer-readable medium having 
computer-executable instructions for: 

• In a privileged mode, setting domain membership for a queue of a first node and 
setting domain membership for a communication component of the first node, the 
communication component of the first node being operable to communicate 
messages with a corresponding communication component at a second node, 
the domain membership being inaccessible by user-level processes, the queue 
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being mapped into memory of an associated user-level process at the first node, 
such that the user-level process can communicate directly with the queue (col. 8, 
lines 3-13); and 

• Controlling communication of message between the queue and the 

communication component based on the domain membership set for each of the 
queue and the communication component (col. 7, line 55 through col. 8, line 2). 

Regarding claim 27 , Bruno et al. teaches having further computer-executable 
instructions for providing an error message to the associated user-level process if the 
domain membership between the queue and the communication component is invalid 
(col. 7, lines 23-54). 

Regarding claim 28 , Bruno et al. teaches having further computer-executable 
instructions for analyzing the message to identify which of a plurality of communication 
contexts is designated and validating domain membership between the queue and the 
designated communication context to control communication of the message between 
the queue and the designated communication context (col. 7, lines 23-54). 

Regarding claim 29 , Bruno et al. teaches a method to facilitate communication in 
a system architecture in which a process is operative to communicate a message 
directly with a storage component coupled to at least one local communications 
component in a node for communicating the message for receipt by a second 
communications component, the method comprising: 
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• Associating the storage component with a domain for temporarily storing the 
message (fig. 3, ref. num 31 8); 

• Associating the local communications component with a domain (fig. 3, ref. num 
602); and 

• Controlling communication of a message between the storage component and 
the local communications component based on the domain of the storage 
component and the domain of the local communications component (col. 8, lines 
3-13). 

Regarding claim 30 , Bruno et al. teaches wherein the domain for the storage 
component and the domain for the association of the local communications component 
are implemented independently in privileged operation not adjustable by the user-level 
process (fig. 3, ref. num 316). 

Regarding claim 31 , Bruno et al. teaches wherein the controlling further 
comprises validating the domain of the storage component relative the domain of the 
local communication component (col. 7, lines 27-47). 

Regarding claim 32 , Bruno et al. teaches further comprising preventing 
communication of the message from the storage component to the communication 
component in the absence of a match between the domain of the storage component 
and the domain of the communication component (col. 7, lines 23-27). 
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Regarding claim 33 , Bruno et al. teaches further comprising generating an error 
message in the absence of a match between the domain of the at least part of the 
storage component and the domain of the communication component (col. 6, lines 15- 
19). 

Regarding claim 34 , Bruno et al. teaches further comprising sending the 
message from the storage component to the communication component in response to 
a valid association existing between the domain of the storage component and the 
domain of the communication component (col. 7, lines 27-54). 

Regarding claim 35 , Bruno et al. teaches further comprising discerning from the 
message which of at least one of a plurality of communication components is 
designated and validating association between the storage component and each 
designated communication component to control communication of the message 
between the storage component and each designated communication component (col. 
7, lines 23-54). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon Hoffman whose telephone number is 703-305- 
4662. The examiner can normally be reached on M-F 8:30 - 5:00. However, my new 
number will be 571-272-3863 after our move on October 25, 2004. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 703-305-9648. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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